diff --git a/README.md b/README.md
index 1045c89..b451498 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,10 @@
# Keycloak Gsis Providers
-This Keycloak plugin adds an production and testing identity providers allowing to use Greek Public Administration OAuth 2 Services.
+**IMPORTANT NOTICE:**
+
+**GSIS does NOT ALLOW using its authentication services for connecting or implemneting SSO with third applications OTHER THAN THE ONE you have requested and granded the access for. Using this plugin for providing identification and authorization data to applications other than the one you requested is against the service licence provided by GSIS and WILL RESULT TO REVOKE YOUR ACCESS TO THE SERVICE.**
+
+This Keycloak plugin adds production and testing identity providers for using Greek General Secretariat of Information Systems for Public Administration (GSIS) OAuth 2 Services.
Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code.
@@ -8,26 +12,26 @@ This Keycloak plugin add
## Implemented identity providers
-- TAXISnet OAuth2.0 authentication service testing environmet (gsis-taxis-test)
-- TAXISnet OAuth2.0 authentication service production environmet (gsis-taxis)
-- Employees OAuth2.0 authentication service testing environmet (gsis-govuser-test)
-- Employees OAuth2.0 authentication service production environmet (gsis-govuser)
+- TAXISnet OAuth2.0 authentication service testing environment (gsis-taxis-test)
+- TAXISnet OAuth2.0 authentication service production environment (gsis-taxis)
+- Employees OAuth2.0 authentication service testing environment (gsis-govuser-test)
+- Employees OAuth2.0 authentication service production environment (gsis-govuser)
## How to get permissions for using Gsis OAuth 2.0 authentication services for your application
-In order to be able to use Gsis OAuth 2.0 authentication services you need to request permission from Greek Public Administration. Instructions can be found at Interoperability Center of the Ministry of Digital Governance (KE.D) web site.
+In order to be able to use Gsis OAuth 2.0 authentication services you need to request permission from GSIS. Instructions can be found at Interoperability Center of the Ministry of Digital Governance (KE.D) web site.
After your request to KE.D is approved you will be given a clientId and a clientSecret for connectiong your application with Gsis OAuth2.0 providers.
## Install
-**Quick**: Download latest jar from Releases page. Then deploy it into $KEYCLOAK_HOME/standalone/deployments/ directory.
+**Quick**: Download latest release jar from Releases page. Then deploy it into ```$KEYCLOAK_HOME/standalone/deployments/``` directory.
-You will need a functional Keycloak deployment. You can read Keycloak getting started guide for instructions on setting up a keycloak instance. You can also run Keycloak as a Docker Container , or deploy Keycloak on Kubernetes via plain manifest or using the Keycloak Operator.
+You will need a functional Keycloak deployment. You can read Keycloak getting started guide for instructions on setting up a Keycloak instance. You can also run Keycloak as a Docker Container , or deploy Keycloak on Kubernetes via plain manifest or using the Keycloak Operator.
-After having set up your Keycloak download the latest Keycloak Gsis Providers release jar and install it to your instance. See Keycloak server installation documnetation for more info. You can also easily deploy the extension wthrough Keycloak Manifest if you are using Keycloak Operator on Kubernetes.
+After having set up your Keycloak download the latest Keycloak Gsis Providers release jar and install it to your instance. See Keycloak server installation documentation for more info. You can also easily deploy the extension through Operator Keycloak Manifest if you are using Keycloak Operator on Kubernetes.
-After succesfully installing the extension the following options will be available through Identity Providers -> Add Provider Keycloak administration console menu:
+After successfully installing the extension the following options will be available through Identity Providers -> Add Provider Keycloak administration console menu:
- GsisTaxisTest (TAXISnet testing)
- GsisTaxis (TAXISnet production)
@@ -39,12 +43,26 @@ After succesfully installing the extension the following options will be availab
- Add the Gsis Identity Provider you want to use in the realm which you want to configure.
- In the Gsis identity provider page, set Client Id and Client Secret.
- (Optional) Set the alias for the provider and other options if you want.
+- (Optional) Set up provider mappers (See profile fields)
See the Identity Brokering section of Keycloak Server Admin for more info.
+### Profile Fields
+
+Gsis OAuth 2.0 service provides the following profile fields for **individuals**:
+- userid
+- taxid
+- lastname
+- firstname
+- fathername
+- mothername
+- birthyear
+
+In Identity Provider Mapper page Select ```Attribute Importer``` as ```Mapper Type``` to import a profile field as user attribute.
+
## Source Build
-Clone this repository and run mvn package. You can see keycloak-gsis-providers-{vesrion}.jar under target directory.
+Clone this repository and run ```mvn package```. You can see ```keycloak-gsis-providers-{vesrion}.jar``` under target directory.
## Licence
@@ -55,4 +73,3 @@ Apache License, Version 2.0
Built for the needs of [Greek School Network and Networking Technologies Directorate](http://nts.cti.gr/).
Based on [this sample extension](https://github.com/xgp/keycloak-moneybird-idp) by [xgp](https://github.com/xgp).
-