diff --git a/Docker & Kubernetes/Docker/Docker Compose/Firefox.md b/Docker & Kubernetes/Docker/Docker Compose/Firefox.md index d6e987a..04530b8 100644 --- a/Docker & Kubernetes/Docker/Docker Compose/Firefox.md +++ b/Docker & Kubernetes/Docker/Docker Compose/Firefox.md @@ -1,5 +1,27 @@ **Purpose**: Sometimes you just want an instance of Firefox running on an Alpine Linux container, that has persistence (Extensions, bookmarks, history, etc) outside of the container (with bind-mapped folders). This is useful for a number of reasons, but insecure by default, so you have to protect it behind something like a [Keycloak Server](https://docs.bunny-lab.io/Docker%20%2526%20Kubernetes/Docker/Docker%20Compose/Keycloak/) so it is not misused. +## Keycloak Authentication Sequence +``` mermaid +sequenceDiagram + participant User + participant Traefik as Traefik Reverse Proxy + participant Keycloak + participant RockyLinux as Rocky Linux VM + participant FirewallD as FirewallD + participant Alpine as Alpine Container + + User->>Traefik: Access https://work-environment.bunny-lab.io + Traefik->>Keycloak: Redirect to Authenticate against Work Realm + User->>Keycloak: Authenticate + Keycloak->>User: Authorization Cookie Stored on Internet Browser + User->>Traefik: Pass Authnorization Cookie to Traefik + Traefik->>RockyLinux: Traefik Forwards Traffic to Rocky Linux VM + RockyLinux->>FirewallD: Traffic Passes Local Firewall + FirewallD->>RockyLinux: Filter traffic (Port 5800) + FirewallD->>Alpine: Allow Traffic from Traefik + Alpine->>User: WebUI Access to Firefox Work Environment Granted +``` + ## Docker Configuration ```jsx title="docker-compose.yml" version: '3'
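Review bot: In the added sequence diagram, `Traefik->>Keycloak: Redirect to Authenticate against Work Realm` draws the redirect as a message from Traefik to Keycloak, but the next line has the user authenticating against Keycloak, so the redirect should go back to the user (for example `Traefik->>User: Redirect to Keycloak Work Realm`). The two FirewallD steps are also hard to follow: "Filter traffic (Port 5800)" is drawn as a reply to the Rocky Linux VM, and only then is traffic from Traefik allowed through to the Alpine container. Since the Purpose paragraph calls this setup insecure by default, and the diagram relies on port 5800 accepting traffic only from Traefik, the page should state that firewall rule next to the diagram rather than leave it implied. Smaller points: "Authnorization" in the "Pass ... Cookie to Traefik" line is a typo for "Authorization", and the mermaid fence is opened with a space between the backticks and the language name, unlike the `jsx` fence below it, so confirm it renders.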