diff --git a/README.md b/README.md index e3060f36bd893b1e918aea97640ed7c11f2d8885..166b6c9be1cee1e9f61ccaf9aa1b31eb4d6103c8 100644 --- a/README.md +++ b/README.md @@ -63,9 +63,10 @@ The login_gov module uses the [Key](https://drupal.org/project/key) and the [Key Asymmetric](https://drupal.org/project/key_asymmetric) modules to manage the private key. -After installing, go to `admin/config/system/keys` and click "+ Add Key", give -it a name, and use the Key Type "Private key". Under "Provider settings", you'll -need to discuss with your ops and security teams how to deploy it best. +After installing, go to `admin/config/system/keys` , click "+ Add Key", give it +a name, and use the Key Type "Private key". Under "Provider settings", choose +how you will deploy the private key in your environments. Discuss with your +hosting provider, ops team and/or security team how to deploy it best. * Using "Configuration" stores it in the Drupal database and would be exported by `drush cex`, which risks the private secret finding its way to your project's @@ -83,10 +84,10 @@ often uploaded through the hosting provider's management portal. Once you've got the key set up, you can create the OpenID Client in the OpenID Connect config section: `admin/config/people/openid-connect`. -* Name - Used internally, whatever makes sense to you. +* Name - Used by OpenID Connect in the "Log in with @name" button. * Client ID - This value is provided by Login.gov. In your application's config -screen, they called it "Issuer." +page, they called it "Issuer." * Sandbox Mode - Check this if you're running in a Login.gov developer sandbox and uncheck it for a production application. @@ -122,5 +123,5 @@ Rediect URLs. # Disclaimers This module was written by [John Franklin](https://www.drupal.org/user/683430) -at Bixal Solutions and is not maintained nor affiliated with GSA, the login.gov +at Bixal Solutions and is not maintained nor affiliated with GSA, the Login.gov service, nor any federal agency. \ No newline at end of file