diff --git a/README.md b/README.md
index d622c80..8643e7f 100644
--- a/README.md
+++ b/README.md
@@ -45,11 +45,12 @@ your technology stack.
   - **Settings tab**:
       - **Access Type**: `confidential`
       - **Service Accounts Enabled**: `ON`
+      - **Authorization flow**: Make sure "Standard flow" is checked
+      - **Valid redirect URIs**: `https://{your keycloak-collective-portal domain}/auth/keycloak`
   - **Scope tab**:
       - **Full scope allowed**: `OFF`
-      - **Client roles**: Under `realm-management` add `manage-users` and `view-users`
   - **Service Account Roles tab**:
-      - **Client roles**: Under `realm-management` add `manage-users` and `view-users`
+      - Click "To manage detail and group mappings, click on the username service-account-admin-cli", then "Role mappings", "Assign role", then change the dropdown to "Filter by clients", and add `realm-management:manage-users`, `realm-management:view-users`, `account:manage-account` and `account:view-profile`
 - Deploy using [`coop-cloud/keycloak-colective-portal`](https://git.autonomic.zone/coop-cloud/keycloak-collective-portal)
   - See the example [.env.sample](.env.sample) for the configuration available, more documentation will follow soon.