Fix #138 by adding documentation concerning the iat claim to the README.

jpadilla · Apr 14, 2015 · 49af6d0 · 49af6d0
1 parent 29f1ef9
commit 49af6d0
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -161,6 +161,7 @@ be used. PyJWT supports these registered claim names:
  - "nbf" (Not Before Time) Claim
  - "iss" (Issuer) Claim
  - "aud" (Audience) Claim
+ - "iat" (Issued At) Claim
 
 ### Expiration Time Claim
 
@@ -302,6 +303,21 @@ decoded = jwt.decode(token, 'secret', audience='urn:foo')
 
 If the audience claim is incorrect, `jwt.InvalidAudienceError` will be raised.
 
+### Issued At Claim
+
+> The iat (issued at) claim identifies the time at which the JWT was issued.
+> This claim can be used to determine the age of the JWT. Its value MUST be a
+> number containing a NumericDate value. Use of this claim is OPTIONAL.
+
+If the `iat` claim is in the future, an `jwt.InvalidIssuedAtError` exception
+will be raised.
+
+```python
+jwt.encode({'iat': 1371720939}, 'secret')
+
+jwt.encode({'iat': datetime.utcnow()}, 'secret')
+```
+
 ## Frequently Asked Questions
 
 **How can I extract a public / private key from a x509 certificate?**