- basic functionality with psql and sqlite

- cli helper tool

1 files changed, 45 insertions, 7 deletions

diff --git a/README.md b/README.md
index e22dc9d..0d4594e 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,19 @@
-# SecD
+# SecD(iam)
 
-Don't keep using expensive auth providers. secd provides everything you need to hook up your web service with the most common auth providers and mechanisms. Use secd with your language of choice. You can also use the Terraform template to launch secd a service within your cloud environment so you really don't ever need to worry about auth again.
+Identity and Access Management enabled by the Sec(urity)D(aemon) but contained in your own infrastructure.
+
+Don't keep using expensive auth providers. secD(iam) is a library which provides robust authentication and custom authorization. You can use one of our pre-configured servers behind a proxy, embed the library into your own application, or build a custom authorization and authentication solution.
+
+secD(iam) allows you to build web, native, mobile, embedded, or any other application for which you want to leverage some type of identity and access management paradigm. Rather than lock yourself into vendors that make it impossible to easily query, manipulate, or otherwise interact with your data, use secD(iam) to easily enable authentication and authorization without hassle.
+
+Get started with:
+- the secD binary
+- a preconfigured secD server
+- browsing secD integration for your Flask, Rails, Django, Laravel, React, Svelte, Angular, Micronaut, FastAPI, Spring Boot project
+- the secD library for Python, Go, Rust, Ruby, Java, Javascript, C, C#, PHP
+- the Terraform template to launch a secD proxy server in AWS, Google Cloud, or Azure.
+
+You can also use the Terraform template to launch secd a service within your cloud environment so you really don't ever need to worry about auth again.
 
 ## Quick Start
 
@@ -14,11 +27,13 @@ secd provides a simple way for you to authenticate and authorize users while mai
 
 **Authorization** is the process of validating that something is allowed to do the thing it wants to do.
 
-secd is a comprehensive, simple, pluggable API that provides the following high level functionality.
+secd is a comprehensive, simple, pluggable API that provides the following high level functionality:
+
+
 
 ### Authentication
 
-Register a new **identity** which is an opaque handle pointing to anything in the service. You can save this handle next to user/device information.
+Register a new **identity** which is an opaque handle. You can save this handle next to your user/device information.
 
 Save a new **authentication credential** for an **identity**. This is a secret of some sort that allows an identity to prove it is what it says it is.
 
@@ -36,9 +51,32 @@ Create a new authentication credential in multiple ways by **initiating** an **a
 **revoke** an identity's authentication. This revokes all valid credentials associated with an identity. Alternatively, only revoke a token, all tokens, a specific API key or all API keys.
 
 
-
-
-
 ### Authorization
 tbd...
 ALlow
+
+## iam cli
+
+```
+iam create validation --email benjaminbellon@gmail.com
+iam create session --validation-id 1234 --code 1234
+iam create group my-group --identity 1 2 3 4
+iam create role my-role --permission 1 2 3 4
+iam create service my-service --uri a/b/c
+iam create permission my-permission --service my-service
+iam ls group
+iam ls role --filter re*g$ex
+iam link group my-group identity 1 2 3
+iam link role my-role permission perm1 perm2 perm3
+iam get identity 123
+iam get group my-group
+```
+
+## Roadmap
+- JWT authentication
+- Oauth providers to add
+- Capabilities scheme
+
+### Who Are We
+
+An enthusiastic collection of application developers, cryptography professionals, security tinfoil-hat-wearing users, and embedded developers with experience across hardware and software from small startups through AWS, Google, Apple, and beyond.