-* Used to create multiple stateful A1 providers (simulated near-rt-rics)
-* Supports A1-Policy and A1-Enrichment Information
-* Swagger-based northbound interface, so easy to change the A1 profile exposed (e.g. A1 version, A1 Policy Types, A1-E1 consumers, etc)
-* All A1-AP versions supported
+The auth-token-fetch provides support for authentication.
+It is intended to be used as a sidecar and does the authentication procedure, gets and saves the access token
+in the local file system. This includes refresh of the token before it expires.
+This means that the service only needs to read the token from a file.
+
+It is tested using Keycloak as authentication provider.
+
+.. image:: ./AuthSupport.png
+ :width: 500pt
+
+So, a service just needs to read the token file and for instance insert it in the authorization header when using HTTP.
+The file needs to be re-read if it has been updated.
+
+The auth-token-fetch is configured by the following environment variables.
+
+* CERT_PATH - the file path of the cert to use for TSL, example: security/tls.crt
+* CERT_KEY_PATH - the file path of the private key file for the cert, example: "security/tls.key"
+* ROOT_CA_CERTS_PATH - the file path of the trust store.
+* CREDS_GRANT_TYPE - the grant_type used for authentication, example: client_credentials
+* CREDS_CLIENT_SECRET - the secret/private shared key used for authentication
+* CREDS_CLIENT_ID - the client id used for authentication
+* OUTPUT_FILE - the path where the fetched authorization token is stored, example: "/tmp/authToken.txt"
+* AUTH_SERVICE_URL - the URL to the authentication service (Keycloak)
+* REFRESH_MARGIN_SECONDS - how long in advance before the authorization token expires it is refreshed
+
+Test Framework
+~~~~~~~~~~~~~~
+
+A full test environment with extensive test cases/scripts can be found in the ``test`` directory in the *nonrtric* source code.
+
+Non-RT-RIC Use Cases
+~~~~~~~~~~~~~~~~~~~~
+
+"Helloworld" O-RU Fronthaul Recovery use case
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+A very simplified closed-loop rApp use case to re-establish front-haul connections between O-DUs and O-RUs if they fail. Not intended to to be 'real-world'.