Add instructions to README for determining API key and APP ID

Author: Ben Sullivan

README.md

@@ -14,13 +14,23 @@ jobs:
         uses: SecureStackCo/[email protected]
         with:
           securestack_api_key: ${{ secrets.SECURESTACK_API_KEY_SECRET }}
-          securestack_app_id: ${{ secrets.SECURESTACK_APP_ID }}
+          securestack_app_id: <Application Id>
           severity: critical
           flags: '--dom -r'
 ```
 
-## Getting your SecureStack API Key and Application ID
+## Getting your SecureStack API Key
+
+1. Log in to [SecureStack](https://app.securestack.com) and go to the Profile -> GENERATE KEY screen.
+2. Generate an API key and copy the value.
+3. Paste into the value of a secret called SECURESTACK_API_KEY_SECRET in the GitHub repo settings.
+
+## Getting your SecureStack Application ID
+
+1. Log in to [SecureStack](https://app.securestack.com).
+2. Open the application you wish to analyse.
+3. Copy the value of the application id on the View Application screen.
+4. Paste into the value of the `securestack_app_id` action input for the step using the SecureStack action in your workflow.
 
-TODO
 
 Made with 💜 by SecureStack