diff --git a/README.md b/README.md index 88c6b5c..1b62d91 100644 --- a/README.md +++ b/README.md @@ -77,3 +77,6 @@ security: access_control: - { path: ^/api/, roles: ROLE_API } ``` +### Keycloak configuration + +To configure keycloak to work with this bundle, [here](./Resources/docs/keycloak-config-guide.md) is a step by step describing for a basic configuration of keycloak. \ No newline at end of file diff --git a/Resources/docs/keycloak-config-guide.md b/Resources/docs/keycloak-config-guide.md new file mode 100644 index 0000000..654bcde --- /dev/null +++ b/Resources/docs/keycloak-config-guide.md 
@@ -0,0 +1,42 @@ +# Keycloak Configuration guide + +### Create a realm + +We assume that you already have a realm, if not you can create a realm from the Administration UI, go to ```Realm list > Add realm``` + +![Create a realm](screenshots/create-a-realm.png) + +it will appear in the realm list after creation. + +### Create a client + +You must define a client that will configure the scope of your application security. +Make sure you already are in your newly created realm and create a new client by going in ```Configure > Clients > Create```. + +![Create a client](screenshots/create-a-client.png) + +Once created, you can configure it by going in ``` Configure > Clients > [Your client]``` +Here is a sample configuration that work with our bundle : + +![Configure client](screenshots/config-client.png) +> Note that the client Access type is bearer-only. + +### Create roles + + In keycloak, roles are an abstraction of permissions for our application (used in security.yaml). + In our case we need to define a role named **ROLE_API** + + You can configure it in ```Configure > Clients > [Your client] > Roles``` + + ![Create a role](screenshots/create-a-role.png) + + ### Assign a role to a user + +Last but not least we need to affect our role to our users. + +To add role, go to ```Manage > Users > View all users > [Some User] > Role Mappings```. + +* In the **Client Roles** dropdown select your client that contains our roles. +* Select Roles in **Available Roles** list, then click **Add selected** to assign role to the uses. + +And your all done, now you can use your client to secure your API. \ No newline at end of file diff --git a/Resources/docs/screenshots/config-client.png b/Resources/docs/screenshots/config-client.png new file mode 100644 index 0000000..c1725a5 Binary files /dev/null and b/Resources/docs/screenshots/config-client.png differ 
diff --git a/Resources/docs/screenshots/create-a-client.png b/Resources/docs/screenshots/create-a-client.png new file mode 100644 index 0000000..b626f96 Binary files /dev/null and b/Resources/docs/screenshots/create-a-client.png differ diff --git a/Resources/docs/screenshots/create-a-realm.png b/Resources/docs/screenshots/create-a-realm.png new file mode 100644 index 0000000..4ac9c2e Binary files /dev/null and b/Resources/docs/screenshots/create-a-realm.png differ diff --git a/Resources/docs/screenshots/create-a-role.png b/Resources/docs/screenshots/create-a-role.png new file mode 100644 index 0000000..15d2872 Binary files /dev/null and b/Resources/docs/screenshots/create-a-role.png differ
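Review bot: In the README.md hunk, the added sentence uses "here" as its link text and reads awkwardly ("is a step by step describing for a basic configuration of keycloak"). Suggest naming the target in the link, for example: "See the [Keycloak configuration guide](./Resources/docs/keycloak-config-guide.md) for a step-by-step basic setup." The new "### Keycloak configuration" heading also sits directly after the closing code fence with no blank line between them, and the file now ends without a trailing newline. Please add both.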
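Review bot: In Resources/docs/keycloak-config-guide.md, under "Create a client", the sample client configuration exists only in the screenshot config-client.png, and the one setting stated in text is that the Access type is bearer-only. Since this is the security-relevant part of the guide, please list the settings the bundle depends on as text next to the image, so they can be searched, reviewed in later diffs, and still read correctly if the Keycloak UI changes. Smaller points in the same file: the headings jump from "#" straight to "###"; "that work with our bundle" should be "that works"; "affect our role to our users" should be "assign our role"; "to the uses" should be "to the users"; "And your all done" should be "you're all done"; "keycloak" is capitalised inconsistently; and the file ends without a trailing newline.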