diff --git a/README.md b/README.md
index 450c71060..14108ddfb 100644
--- a/README.md
+++ b/README.md
@@ -7,13 +7,37 @@
nginx. It has been made to work with nginx [auth_request] module and is currently
used in production to secure internal services in a small docker swarm cluster.
-## Features
+# Table of Contents
+1. [Features summary](#features-summary)
+2. [Deployment](#deployment)
+ 1. [With NPM](#with-npm)
+ 2. [With Docker](#with-docker)
+3. [Getting started](#getting-started)
+ 1. [Pre-requisites](#pre-requisites)
+ 2. [Run it!](#run-it)
+4. [Features in details](#features-in-details)
+ 1. [First factor with LDAP and ACL](#first-factor-with-ldap-and-acl)
+ 2. [Second factor with TOTP](#second-factor-with-totp)
+ 3. [Second factor with U2F security keys](#second-factor-with-u2f-security-keys)
+ 4. [Password reset](#password-reset)
+ 5. [Access control](#access-control)
+ 6. [Session management with Redis](#session-management-with-redis)
+4. [Documentation](#documentation)
+ 1. [Authelia configuration](#authelia-configuration)
+ 1. [API documentation](#api-documentation)
+5. [Contributing to Authelia](#contributing-to-authelia)
+6. [License](#license)
+
+---
+
+## Features summary
* Two-factor authentication using either
**[TOTP] - Time-Base One Time password -** or **[U2F] - Universal 2-Factor -**
as 2nd factor.
* Password reset with identity verification by sending links to user email
address.
* Access restriction after too many authentication attempts.
+* Session management using Redis key/value store.
## Deployment
@@ -73,7 +97,7 @@ Add the following lines to your **/etc/hosts** to alias multiple subdomains so t
127.0.0.1 mx2.mail.test.local
127.0.0.1 auth.test.local
-### Deployment
+### Run it!
Deploy **Authelia** example with the following command:
@@ -93,7 +117,9 @@ Below is what the login page looks like:
-### First factor: LDAP and ACL
+## Features in details
+
+### First factor with LDAP and ACL
An LDAP server has been deployed for you with the following credentials and
access control list:
@@ -117,8 +143,8 @@ your credentials are wrong.
-### Second factor: TOTP (Time-Base One Time Password)
-In **Authelia**, you need to register a per user TOTP secret before
+### Second factor with TOTP
+In **Authelia**, you need to register a per user TOTP (Time-Based One Time Password) secret before
authenticating. To do that, you need to click on the register button. It will
send a link to the user email address. Since this is an example, no email will
be sent, the link is rather delivered in the file
@@ -129,8 +155,8 @@ to store them and get the generated tokens with the app.
-### 2nd factor: U2F (Universal 2-Factor) with security keys
-**Authelia** also offers authentication using U2F devices like [Yubikey](Yubikey)
+### Second factor with U2F security keys
+**Authelia** also offers authentication using U2F (Universal 2-Factor) devices like [Yubikey](Yubikey)
USB security keys. U2F is one of the most secure authentication protocol and is
already available for Google, Facebook, Github accounts and more.
@@ -160,8 +186,11 @@ the user access to some subdomains. Those rules are defined in the
configuration file and can be set either for everyone, per-user or per-group policies.
Check out the *config.template.yml* to see how they are defined.
+### Session management with Redis
+When your users authenticate against Authelia, sessions are stored in a Redis key/value store. You can specify your own Redis instance in the [configuration file](#authelia-configuration).
+
## Documentation
-### Configuration
+### Authelia configuration
The configuration of the server is defined in the file
**configuration.template.yml**. All the details are documented there.
You can specify another configuration file by giving it as first argument of