diff --git a/vega-hrm-auth/build.gradle b/vega-hrm-auth/build.gradle
index f936042..ffef6d8 100644
--- a/vega-hrm-auth/build.gradle
+++ b/vega-hrm-auth/build.gradle
@@ -15,6 +15,7 @@ dependencies {
     implementation 'org.springframework.boot:spring-boot-starter-data-jpa:3.4.0'
     implementation 'org.springframework.boot:spring-boot-starter-web:3.4.0'
     implementation 'org.projectlombok:lombok:1.18.38'
+    implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.7.0'
     implementation('org.springframework.boot:spring-boot-starter:3.4.0') {
         exclude group: 'org.springframework.boot', module: 'spring-boot-starter-logging'
     }
diff --git a/vega-hrm-auth/src/main/java/com/vega/hrm/controller/GoogleController.java b/vega-hrm-auth/src/main/java/com/vega/hrm/controller/GoogleController.java
index 923caab..36ed050 100644
--- a/vega-hrm-auth/src/main/java/com/vega/hrm/controller/GoogleController.java
+++ b/vega-hrm-auth/src/main/java/com/vega/hrm/controller/GoogleController.java
@@ -2,6 +2,9 @@ package com.vega.hrm.controller;
 
 import com.vega.hrm.core.models.responses.BaseResponse;
 import com.vega.hrm.service.GoogleService;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.Parameter;
+import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -12,17 +15,22 @@ import org.springframework.web.bind.annotation.RestController;
 @RestController
 @RequestMapping("api/google/user")
 @RequiredArgsConstructor
+@Tag(name = "Auth - Google", description = "Luồng OAuth2 với Google phục vụ xác thực người dùng")
 public class GoogleController {
 
     private final GoogleService googleService;
 
     @GetMapping("/get-auth-url")
+    @Operation(summary = "Sinh URL đăng nhập Google", description = "Tạo URL xác thực Google OAuth2 với các scope đã cấu hình.")
     public ResponseEntity<BaseResponse<String>> getGoogleAuthUrl(){
         return ResponseEntity.ok(googleService.getGoogleAuthUrl());
     }
 
     @GetMapping("callback")
-    public ResponseEntity<BaseResponse<Boolean>> googleCallback(@RequestParam("code") String code){
+    @Operation(summary = "Xử lý callback Google", description = "Nhận mã ủy quyền từ Google và hoàn tất trao đổi token.")
+    public ResponseEntity<BaseResponse<Boolean>> googleCallback(
+        @Parameter(description = "Mã ủy quyền trả về bởi Google sau khi người dùng đồng ý.")
+        @RequestParam("code") String code){
         return ResponseEntity.ok(googleService.googleCallback(code));
     }
 
diff --git a/vega-hrm-auth/src/main/java/com/vega/hrm/controller/UserController.java b/vega-hrm-auth/src/main/java/com/vega/hrm/controller/UserController.java
index 8868c88..e4d6123 100644
--- a/vega-hrm-auth/src/main/java/com/vega/hrm/controller/UserController.java
+++ b/vega-hrm-auth/src/main/java/com/vega/hrm/controller/UserController.java
@@ -4,6 +4,8 @@ import com.vega.hrm.core.models.responses.BaseResponse;
 import com.vega.hrm.request.user.CreateUserRequest;
 import com.vega.hrm.request.user.LoginRequest;
 import com.vega.hrm.service.UserService;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -14,15 +16,18 @@ import org.springframework.web.bind.annotation.RestController;
 @RestController
 @RequestMapping("api/auth/user")
 @RequiredArgsConstructor
+@Tag(name = "Auth - User", description = "Các API liên quan đến xác thực và quản lý người dùng nội bộ")
 public class UserController {
     private final UserService userService;
 
     @PostMapping("/login")
+    @Operation(summary = "Đăng nhập", description = "Nhận thông tin phiên đăng nhập và token bảo mật.")
     public ResponseEntity<BaseResponse<Object>> login(@RequestBody LoginRequest request) {
         return ResponseEntity.ok(userService.login(request));
     }
 
     @PostMapping("/insert")
+    @Operation(summary = "Tạo người dùng nội bộ", description = "Tạo tài khoản quản trị viên/nhân sự mới.")
     public ResponseEntity<BaseResponse<Boolean>> insert(@RequestBody CreateUserRequest request) {
         return ResponseEntity.ok(userService.insert(request));
     }
diff --git a/vega-hrm-auth/src/main/resources/application.properties b/vega-hrm-auth/src/main/resources/application.properties
index ef47687..fbd0af3 100644
--- a/vega-hrm-auth/src/main/resources/application.properties
+++ b/vega-hrm-auth/src/main/resources/application.properties
@@ -6,4 +6,8 @@ vega.jpa.repository.basePackage=com.vega.hrm.core.repositories
 vega.jpa.entity.basePackage=com.vega.hrm.core.entities
 spring.config.import=file:config/shared.properties
 logging.config=file:config/log4j2.properties
+springdoc.api-docs.path=/api-docs/auth
+springdoc.swagger-ui.path=/swagger-ui/auth
+springdoc.swagger-ui.operations-sorter=method
+springdoc.swagger-ui.tags-sorter=alpha
 
diff --git a/vega-hrm-core/src/main/java/com/vega/hrm/core/filters/AuthorizationFilter.java b/vega-hrm-core/src/main/java/com/vega/hrm/core/filters/AuthorizationFilter.java
index 923049e..1e0630b 100644
--- a/vega-hrm-core/src/main/java/com/vega/hrm/core/filters/AuthorizationFilter.java
+++ b/vega-hrm-core/src/main/java/com/vega/hrm/core/filters/AuthorizationFilter.java
@@ -28,14 +28,21 @@ import org.springframework.web.filter.OncePerRequestFilter;
 @RequiredArgsConstructor
 public class AuthorizationFilter extends OncePerRequestFilter {
 
-    private static final List<String> EXCLUDE_URIS = List.of("/api/auth/user/login","/api/google/user/callback");
+    private static final List<String> EXCLUDE_URIS = List.of(
+        "/api/auth/user/login",
+        "/api/google/user/callback",
+        "/swagger-ui/auth.html",
+        "/swagger-ui/swagger-ui/index.html",
+        "/api-docs/auth",
+        "/api-docs/report"
+    );
     private final RedisService redisService;
 
     @Override
     protected void doFilterInternal(@NonNull HttpServletRequest request, @NonNull HttpServletResponse response, @NonNull FilterChain filterChain) {
         try {
             var uri = request.getRequestURI();
-            if (EXCLUDE_URIS.contains(uri) || uri.contains("actuator")) {
+            if (EXCLUDE_URIS.contains(uri) || uri.contains("actuator") || uri.contains("swagger") || uri.contains("api-docs")) {
                 filterChain.doFilter(request, response);
                 return;
             }
diff --git a/vega-hrm-report/build.gradle b/vega-hrm-report/build.gradle
index c2d6b46..ddb3451 100644
--- a/vega-hrm-report/build.gradle
+++ b/vega-hrm-report/build.gradle
@@ -15,6 +15,7 @@ dependencies {
     implementation 'org.springframework.boot:spring-boot-starter-data-jpa:3.4.0'
     implementation 'org.springframework.boot:spring-boot-starter-web:3.4.0'
     implementation 'org.projectlombok:lombok:1.18.38'
+    implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.7.0'
     implementation('org.springframework.boot:spring-boot-starter:3.4.0') {
         exclude group: 'org.springframework.boot', module: 'spring-boot-starter-logging'
     }
diff --git a/vega-hrm-report/src/main/java/com/vega/hrm/report/controller/ReportGoogleController.java b/vega-hrm-report/src/main/java/com/vega/hrm/report/controller/ReportGoogleController.java
index ecd006e..db219cc 100644
--- a/vega-hrm-report/src/main/java/com/vega/hrm/report/controller/ReportGoogleController.java
+++ b/vega-hrm-report/src/main/java/com/vega/hrm/report/controller/ReportGoogleController.java
@@ -7,6 +7,8 @@ import com.vega.hrm.core.dto.GoogleOAuthConfig;
 import com.vega.hrm.core.models.responses.BaseResponse;
 import com.vega.hrm.report.request.GetDragRevenueRequest;
 import com.vega.hrm.report.serivce.CreateReportingJobService;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 import java.io.IOException;
 import java.security.GeneralSecurityException;
 import lombok.RequiredArgsConstructor;
@@ -18,11 +20,14 @@ import org.springframework.web.bind.annotation.RestController;
 @RestController
 @RequestMapping("api/report/google")
 @RequiredArgsConstructor
+@Tag(name = "Report - Google", description = "API đồng bộ báo cáo từ YouTube Reporting API")
 public class ReportGoogleController {
 
     private final CreateReportingJobService createReportingJob;
     private final GoogleOAuthConfig googleOAuthConfig;
+
     @GetMapping("/youtube/demo")
+    @Operation(summary = "Khởi tạo job demo YouTube", description = "Thực thi job báo cáo mẫu với cấu hình được lưu trữ trong hệ thống.")
     public ResponseEntity<BaseResponse<Boolean>> getRevenue(GetDragRevenueRequest getDragRevenueRequest)
         throws GeneralSecurityException, IOException {
         var tokenStore = new TokenStore();
diff --git a/vega-hrm-report/src/main/resources/application.properties b/vega-hrm-report/src/main/resources/application.properties
index 39a3324..e90db04 100644
--- a/vega-hrm-report/src/main/resources/application.properties
+++ b/vega-hrm-report/src/main/resources/application.properties
@@ -6,4 +6,8 @@ vega.jpa.repository.basePackage=com.vega.hrm.core.repositories
 vega.jpa.entity.basePackage=com.vega.hrm.core.entities
 spring.config.import=file:config/shared.properties
 logging.config=file:config/log4j2.properties
+springdoc.api-docs.path=/api-docs/report
+springdoc.swagger-ui.path=/swagger-ui/report
+springdoc.swagger-ui.operations-sorter=method
+springdoc.swagger-ui.tags-sorter=alpha