diff --git a/README.md b/README.md
index 3865fc3d23ff8008024dbc608db0c72726a53e38..bc1b6f0a0f998890b36931049a490a769ad43cad 100644
--- a/README.md
+++ b/README.md
@@ -18,3 +18,11 @@ ARGS:
     <url>      [env: URL=]  [default: https://phabricator.collabora.com/api/user.whoami]
     <port>     [env: PORT=]  [default: 8080]
 ```
+
+The using service should get its oauth api/userinfo URL configured to this
+service on the `/userinfo` path; Calls need to be made using bearer
+authentication which is valid for phabricator (This is the default for oauth
+services it seems).
+
+The service doesn't terminate SSL connection and *must* be use either only
+a private network (e.g. in a docker-compose) or behind a ssl terminating proxy.