diff --git a/domain/auth/cas/README.md b/domain/auth/cas/README.md
new file mode 100644
index 00000000..a8e0924f
--- /dev/null
+++ b/domain/auth/cas/README.md
@@ -0,0 +1,21 @@
+# Authenticating with Aperao CAS
+
+## Introduction
+
+Documize can delegate user authentication to aperao CAS integration.
+
+This document assumes that the Documize administrator has installed and is familiar with CAS server.
+
+https://www.apereo.org/projects/cas
+
+Documize is tested against the CAS version 5.3.x.
+
+## Configuring Documize
+
+CAS authentication is configured and enabled from Settings.
+
+Type in the CAS Server URL, Redirect URL.
+
+* **CAS Server URL**: The CAS host address, eg: `https://cas.example.com`
+* **Redirect URL**: The CAS authorize callback URL. If your documize URL is `https://example.documize.com,` then redirect URL is `https://example.documize.com/auth/cas`.
+
diff --git a/domain/auth/cas/endpoint.go b/domain/auth/cas/endpoint.go
index 4753db6b..3b91f940 100644
--- a/domain/auth/cas/endpoint.go
+++ b/domain/auth/cas/endpoint.go
@@ -112,7 +112,15 @@ func (h *Handler) Authenticate(w http.ResponseWriter, r *http.Request) {
 		u.Admin = false
 		u.GlobalAdmin = false
 		u.Email = userInfo.User
-		u.Initials = stringutil.MakeInitials(userInfo.User, "")
+
+		firstName := userInfo.Attributes.Get("first_name")
+		lastName := userInfo.Attributes.Get("last_name")
+		if firstName != "" || lastName != "" {
+			u.Initials = stringutil.MakeInitials(firstName, lastName)
+		}else {
+			u.Initials = stringutil.MakeInitials(userInfo.User, "")
+		}
+
 		u.Salt = secrets.GenerateSalt()
 		u.Password = secrets.GeneratePassword(secrets.GenerateRandomPassword(), u.Salt)