From a77df6d49d4ec688dfd0a1cc723586bffe753516 Mon Sep 17 00:00:00 2001
From: Alberto Pose <albertopose@gmail.com>
Date: Mon, 6 Apr 2015 09:10:14 -0300
Subject: [PATCH] Documenting verify `algorithms` parameter.

---
 README.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/README.md b/README.md
index c2cf07a..1f6bcaf 100644
--- a/README.md
+++ b/README.md
@@ -75,6 +75,7 @@ encoded public key for RSA and ECDSA.
 
 `options`
 
+* `algorithms`: List of strings with the names of the allowed algorithms. For instance, `["HS256", "HS384"]`.
 * `audience`: if you want to check audience (`aud`), provide a value here
 * `issuer`: if you want to check issuer (`iss`), provide a value here
 
@@ -119,6 +120,12 @@ jwt.verify(token, cert, { audience: 'urn:foo', issuer: 'urn:issuer' }, function(
   // if issuer mismatch, err == invalid issuer
 });
 
+// alg mismatch
+var cert = fs.readFileSync('public.pem'); // get public key
+jwt.verify(token, cert, { algorithms: ['RS256'] }, function (err, payload) {
+  // if token alg != RS256,  err == invalid signature
+});
+
 ```
 
 ### jwt.decode(token [, options])