From 6fbcd188048e060ac7ad63826b03a0ce85d8d775 Mon Sep 17 00:00:00 2001
From: TVke <thomas_verhelst@telenet.be>
Date: Mon, 23 Apr 2018 11:23:54 +0200
Subject: [PATCH] Add more clearity about variables

---
 doc/security.md | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/doc/security.md b/doc/security.md
index 200c98176c2..9a9778c1407 100644
--- a/doc/security.md
+++ b/doc/security.md
@@ -23,7 +23,7 @@ and guess what should contain `$password`. The `$method` can contain one of the
 
 The required value of `$password` depends on the chosen `$method`. For `Github\Client::AUTH_URL_TOKEN`,
 `Github\Client::AUTH_HTTP_TOKEN` and `Github\Client::JWT` methods you should provide the API token in
-`$username` variable (`$password` is omitted in this particular case). For the
+`$usernameOrToken` variable (`$password` is omitted in this particular case). For the
 `Github\Client::AUTH_HTTP_PASSWORD`, you should provide the password of the account. When using `Github\Client::AUTH_URL_CLIENT_ID`
 `$usernameOrToken` should contain your client ID, and `$password` should contain client secret.
 
@@ -47,7 +47,7 @@ Note however that GitHub describes this method as deprecated. In most case you s
 
 To authenticate as an integration you need to supply a JSON Web Token with `Github\Client::AUTH_JWT` to request
 and installation access token which is then usable with `Github\Client::AUTH_HTTP_TOKEN`. [Github´s integration
-authentication docs](https://developer.github.com/early-access/integrations/authentication/) describe the flow in detail.
+authentication docs](https://developer.github.com/apps/building-github-apps/authentication-options-for-github-apps/#authenticating-as-a-github-app) describe the flow in detail.
 It´s important for integration requests to use the custom Accept header `application/vnd.github.machine-man-preview`.
 
 The following sample code authenticates as an installation using [lcobucci/jwt](https://github.com/lcobucci/jwt/tree/3.2.0)
@@ -74,3 +74,6 @@ $github->authenticate($jwt, null, Github\Client::AUTH_JWT);
 $token = $github->api('apps')->createInstallationToken($installationId);
 $github->authenticate($token['token'], null, Github\Client::AUTH_HTTP_TOKEN);
 ```
+
+The `$integrationId` you can find in the about section of your github app.
+The `$installationId` you can find by installing the app and using the id in the url.
\ No newline at end of file