update readme

README.md

@@ -46,7 +46,9 @@ npm run migrate
 
 ## Usage
 
-The app is used for authentication (aka AuthN) and authorization (aka AuthZ : _to be developped_).
+The app is used for authentication (aka AuthN) and authorization (aka AuthZ).
+
+### AuthN
 
 AuthN consists in verifying a username / password couple. A user can have multiple usernames (representing multiple identifiers), all of them sharing the same password. In the app, all the authentication information about a user is called an _auth_. As of 2022/10/23, the possible identifiers are :
 
@@ -122,6 +124,41 @@ For AuthN, the app exposes the following [gRPC](https://grpc.io/) services :
     }
     ```
 
+### AuthZ
+
+AuthZ consists in verifying if a given **user** has the right permission to execute a given **action** within a given **domain**. Some context-dependant information can be given as well.
+
+For AuthZ, the app exposes the following [gRPC](https://grpc.io/) services :
+
+-   **Decide** : asks the authorization service if a user has the right permission
+
+    ```json
+    {
+        "uuid": "96d99d44-e0a6-458e-a656-de2a400d60a9",
+        "domain": "user",
+        "action": "read",
+        "context": [
+            {
+                "name": "owner",
+                "value": "96d99d44-e0a6-458e-a656-de2a400d60a8"
+            },
+            {
+                "name": "role",
+                "value": "admin"
+            }
+        ]
+    }
+    ```
+
+    In return, the service gives an authorization response : 
+
+    ```json
+    {
+        "allow": true
+    }
+    ```
+
+
 ## Messages
 
 Various RabbitMQ messages are sent for logging purpose.